CVE-2009-1713

Description

The XSLT functionality in WebKit in Apple Safari before 4.0 does not properly implement the document function, which allows remote attackers to read (1) arbitrary local files and (2) files from different security zones via unspecified vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/51267

http://www.vupen.com/english/advisories/2011/0212

http://www.vupen.com/english/advisories/2009/1522

http://www.ubuntu.com/usn/USN-857-1

http://support.apple.com/kb/HT3613

http://secunia.com/advisories/43068

http://secunia.com/advisories/35379

http://osvdb.org/54975

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3

EPSS